Wireless networks are increasing in popularity as prices have fallen and speeds have increased. In fact, prices have fallen enough to where the prices of a Wireless Local Area Network (WLAN) and a wired LAN are comparable.
In a WLAN, a computer system can connect wirelessly to a wired Ethernet Local Area Network through an Access Point (AP). An AP can be implemented, e.g., as a card that is added to a computer system, or as a standalone computer system. Data transmission in the “clear” between a computer system and an AP can be intercepted and stolen. “Clear” data transmission means that encryption of packets of wireless data is not occurring. In an effort to make wireless networking more secure, most wireless networks support some type of encryption for data packets passed between the AP and a computer system. As an example, the Institute of Electrical and Electronics Engineers (IEEE) 802.11 standard for WLANs provides an encryption mechanism for data transmission, which many wireless networks implement. The 802.11 standard encryption is known as WEP (Wired Equivalent Privacy). WEP uses either a 64-bit or a 128-bit encryption key, which means that the encryption is fairly secure if the encryption key is not determined.
A problem with WEP is that an administrator has to manually change the keys on all APs and all computer systems connected to those APs Manually changing these keys can be a very cumbersome and disruptive task. During the time that the WEP key is changed on the AP and the key is not updated on a computer system connected to the AP, there can be no communication between the two if WEP is turned on. If the WEP keys are not changed frequently, then any intruder, using tools publicly available on the Internet, can determine the WEP keys and steal data.
A new standard, IEEE 802.1x, alleviates the WEP key management problem by providing the AP with a secure mechanism to send, to a computer system connected to it, a set of WEP keys. WEP keys could be changed automatically but still not seamlessly since there is a gap between the time the AP changes its WEP key and the time it can reach the last computer system connected to it to tell that computer system of the newly changed WEP key. Until a computer system has its WEP key changed, there will be no data transfer between the computer system and the AP. For example, if there are 50 computer systems connected to the AP, and each computer system needs its WEP key changed, then there will be some time period between when the AP changes its key and when the fiftieth computer system has its key changed by the AP. Changing all of these keys can take a long enough time that a person using the fiftieth computer system will notice a lack of network communication.
A need therefore exists for techniques that allow network communication to continue in a wireless network while keys are being updated, yet also maintain high security.